Filter
Top Products
Chapter 3. Component structure 61
Remediation (flow 4)
Two cases should be considered for the remediation process: one where the
organization has a Tivoli Configuration Manager server with an automatic
remediation implementation, and the other where the organization will use
manual methods for remediation using a Web server or alternative methods.
Manual remediation could be provided with a Web server where a user can
download the required software to meet the software compliance requirements
and manually comply to configuration requirements.
In the case of automatic remediation, these processes result in remediation:
Remediation request (4a)
The token received in step 3e determines the posture of the client. If the client
receives a
quarantine posture this requires being provided with remediation,
(for example, a corrective action). The remediation is initiated by the user of
the network client machine by clicking a remediation button from the Security
Compliance Manager client pop-up window. The
policy collector then passes
a
remediation URL and a remediation request containing the name of the
remediation object for remediating policy objects to the
remediation handler
on the network client.
Remediation execution (4b)
The
remediation handler on the network client contacts the Configuration
Manager Web Gateway server requesting remediation. An appropriate object
is downloaded and executed and the client is remediated.
Network access (4c)
The NAD continuously polls the client for change in posture status. If the
network client has been remediated, it has to go through the process steps 2a
through 3g again. After the network client is remediated of all violations, it
receives a
healthy token from the ACS and the access control policy is
changed in the NAD device. At this point the client is compliant to the
enterprise policy and is provided access to the enterprise network.